Commit Graph

195 Commits

Author SHA1 Message Date
Nick Walker
1b0f63be83 Chown files in codedir to pe-puppet 2015-12-09 09:46:56 -08:00
Nick Walker
6ac2b30b38 Allow disabling authentication on code manager webhook 2015-12-09 09:46:45 -08:00
Nick Walker
947a5529a3 Disable code manager webhook authentication 2015-12-09 09:44:51 -08:00
Nick Walker
b71ab8d42e Allow code_manager profile to not error out on first run
Prior to this commit, the code manger profile could not complete
on the first run because the file function would error out

I implemented a new version of the file function that returns
nothing when the file does not exist instead of erroring out which
allows me to gate creating the webhook on whether there is content
in the file.

As a result this means that it takes 2 runs to get everything setup
but this is preferable over having to manually intervene in some
other way if the token file doesn't exist.
2015-12-09 09:44:50 -08:00
Nick Walker
2d7a9a72e1 Refactor puppetmaster and zack_r10k_webhook
Moved the webhook resource out of puppetmaster and into zack_r10k
to support exchaning code_manager in place of zack_r10k

As a result I cleaned up some unnecessary parameters.

Installing both the r10k webhook and the code_manager at this time
for testing
2015-12-09 09:44:50 -08:00
Nick Walker
4c2be74083 Add support for code manager which will replace zack r10k
Add pltraing-rbac module
Added a new profile for code_manager that:
 - creates a service users for code manager
 - creates a token for that service user
 - creates a hook on a git server using the token

Turns out that the file function in puppet cannot read files in
/root.  The pe-puppet user needs read permissions on the file
and traversal on the directory which giving to /root would
probably be a bad idea.  So, I just put the file containing
the token in /etc/puppetlabs/puppetserver since I'm not sure
where would be better.
2015-12-09 09:44:35 -08:00
Nick Walker
8c71bd0b13 Enable code manager via param in common.yaml 2015-11-25 16:06:29 -08:00
Nick Walker
63429fe9ec Add custom functions for determining some PE settings
Added a function to find the hostname and port of the classifier

Added a fucntion to return all puppetdb hostnames
2015-11-25 16:06:28 -08:00
Gary Larizza
a9d3be58aa Merge pull request #3 from WhatsARanjit/production
Chicken-and-egg issue
2015-11-25 14:26:24 -06:00
Ranjit Viswakumar
2859cffba9 Merged from upstream 2015-11-25 16:51:43 +00:00
Gary Larizza
10732cf370 Merge pull request #4 from npwalker/merge_npwalker_control_repo
Merge npwalker/control-repo in puppetlabs/control-repo
2015-11-25 10:29:54 -06:00
Nick Walker
1fd5334441 Cleanup README to generalize urls and add notes about testing
Remove a specific reference to the npwalker namespace in a
git clone command.

Add some notes that this has only been tested against 2015.2.z.
2015-11-24 13:13:08 -08:00
Nick Walker
afc9a358f3 Merge branch 'production' of https://github.com/npwalker/control-repo into merge_npwalker_control_repo 2015-11-24 11:16:51 -08:00
Ranjit Viswakumar
c2bd0d3ca1 Check for rugged or output UNIX epoch 2015-11-20 14:13:17 +00:00
Ranjit Viswakumar
f765903e25 Checking for git first 2015-11-20 14:13:17 +00:00
Nick Walker
7e40513c53 Change owner/group to pe-puppet for hiera module
When the owner / group was root this meant that enabling
hiera-eyaml wouldn't work properly as the keys couldn't
be read by puppetserver.

Changing to pe-puppet should resolve the issue.
2015-11-17 14:10:45 -08:00
Nick Walker
e5be3e2ddd fixing a bunch of puppet lint warnings 2015-10-30 13:50:10 -07:00
Nick Walker
3149d9707f Refactor webhook profiles into one profile with a parameter
Previously there was a mcollective and no_mcollective version of
the webhook profile.  They were almost identical so I merged them
and manage the difference with a "use_mcollective" parameter.

I renamed the webhook profile to zack_r10k_webhook.
2015-10-30 13:42:33 -07:00
Nick Walker
8e271e3043 Change the zack/r10k webhook to utilize username and password
To accomodate generating random usernames and passwords, I had
to parameterize the profiles which I didn't feel great about
but I also didn't want to have to put the username and pass in
hiera.
2015-10-30 13:19:33 -07:00
Nick Walker
3fcf6e3d5e change puppetserver heap to 192m 2015-10-29 11:59:19 -07:00
Nick Walker
0b7acebc34 switch to npwalker/abrader-gms 2015-10-29 11:42:19 -07:00
Nick Walker
e045f172bd enable SSL on the zack/r10k webhook 2015-10-29 09:53:53 -07:00
Nick Walker
b6351f9e5d Add $::fqdn to post receive hook title
Also, change other references of $fqdn to $::fqdn
2015-10-28 13:16:36 -07:00
Nick Walker
591f9b9f0b remove environment_timeout =0 from environment.conf 2015-10-28 11:36:44 -07:00
Nick Walker
c2aeccd388 disable SSL on the zack/r10k webhook
The abrader/gms provider for gitlab doesn't support
disabling ssl verification but will soon.
2015-10-28 11:27:57 -07:00
Nick Walker
d6cb170a78 enable ssl on the webhook 2015-10-28 10:37:59 -07:00
Nick Walker
8fe670beb0 make environment timeout setting refresh the puppet master service 2015-10-26 16:32:24 -07:00
Nick Walker
4598483d0f Fix the update-classes script and set appropriate perms on it 2015-10-26 15:50:22 -07:00
Nick Walker
1cb89d981a Fix some embarassing typos 2015-10-26 15:12:39 -07:00
Nick Walker
92f8d2d251 Configure the MoM to update the classifier after deploying code
This entailed configring the classifier to never sync on a
schedule.

Changing environment_timeout to unlimited for all masters.

Setting a postrun command for r10k that would update the class
information in the classifier (the update-classes endpoint).
2015-10-26 14:59:20 -07:00
Nick Walker
baf376d30f add .gitignore to ignore my example hiera file 2015-10-22 15:48:06 -07:00
Nick Walker
ac0f1b0cdc Multiple fixes to the README
fix step 16 and 17 being out of order
fix a step that referred erronously to step 4
change the numbering to be reflective of actual numbering
2015-10-22 15:43:36 -07:00
Nick Walker
86cb66b057 fix incorrect curly brace 2015-10-22 14:25:17 -07:00
Nick Walker
9d1b750d74 fix site.pp to not include a role that is empty 2015-10-22 14:15:13 -07:00
Nick Walker
2ffc83ac7c Clean up the README so it works from top to bottom
I removed some extraneos notes I had and added a few more bits of
documentation.
2015-10-21 08:58:52 -07:00
Nick Walker
ae3b7c7d4a fix whitespace 2015-10-21 08:47:57 -07:00
Nick Walker
726052fefc Remove notes about making control-repo public 2015-10-20 21:27:11 -07:00
Nick Walker
65820675e5 Change the zack/r10k webhook to not authenticate 2015-10-20 21:24:44 -07:00
Nick Walker
683a2209a6 Change puppetdb heap size to 96MB from 64MB 2015-10-16 14:28:17 -07:00
Nick Walker
1828e21623 Change to using the webhook without mcollective
In order to complete the change I refactered the webhook into
its own set of profiles, one with mcollective and the other
without.
2015-10-16 10:56:07 -07:00
Nick Walker
6ff5658a2a Add some notifies to pe services after making changes 2015-10-15 12:22:45 -07:00
Nick Walker
03bfb39768 Change max_requests_per_instance to 10K 2015-10-06 12:58:04 -07:00
Nick Walker
a8cbec54e0 update README 2015-09-29 11:09:54 -07:00
Nick Walker
c54b9000ea Update README to remove --mirror from git clone 2015-09-25 08:33:08 -07:00
Nick Walker
03d6c0c74c Update README some more 2015-09-24 16:03:26 -07:00
Nick Walker
0c486e2fcc Ensure /etc/gitlab/ssl exists before putting certs in it 2015-09-24 14:59:39 -07:00
Nick Walker
fe07a85530 Update README partially
I made some updates to the README that I never committed.

I'm probably going to change some of this but it's more useful
with these additions than without.
2015-09-22 13:39:39 -07:00
Nick Walker
06f2e5e5aa Correct module namespace for stash module 2015-09-22 12:38:46 -07:00
Nick Walker
809f682086 Add hiera key for tuning max_requests_per_instance
https://docs.puppetlabs.com/pe/2015.2/config_puppetserver.html#tuning-maxrequestsperinstance-on-puppet-server
2015-09-22 09:41:21 -07:00
Nick Walker
869a5c3aa9 Update file permsissions to be 755 on scripts 2015-08-31 13:20:43 -07:00